If the SSD is placed in two different laptops will the decryption key still be the same? (For example, if you manage a large office and have 100 recovery keys written down, the "key ID" lets you know what computer needs what key.) The "key ID" is completely unrelated to the laptop nor the physical disk it's just a completely random ID that acts like a "name" for the numeric unlock password / recovery key. If it is the original laptop does that mean the whole old laptop gets encrypted and its ID is stored on the SSD? (This is in fact the whole point of the recovery key – you can always use it no matter what hardware has changed.) This is an alternate key stored within the BitLocker metadata itself – it is randomly generated and not related to the system's hardware in any way. Will this be the unlock key of the original laptop or the new laptop? the second copy is encrypted using a randomly-generated 48-digit "recovery password" that Windows usually asks to write down or print out.the first copy is sealed using the old laptop's TPM chip.If you run manage-bde -status or manage-bde c: -protectors -get, you'll see that each disk can have multiple so-called "protectors", each of which holds its own copy of the disk's master key. The master key is randomly generated, and never shown to the user. How is the decryption key of a bitlocker encrypted drive generated?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |